This ClientAuthContext class encapsulates ClientAuthModules that are used to
secure service requests made by a client, and to validate any responses received
to those requests. A caller typically uses this class in the following manner:
- Retrieve an instance of this class via ClientAuthConfig.getAuthContext.
- Invoke secureRequest.
ClientAuthContext implementation invokes secureRequest of one or more encapsulated ClientAuthModules.
Modules might attach credentials to request (for example, a user name and password),
and/or secure the request (for example, sign and encrypt the request).
- Send request and receive response.
- Invoke validateResponse.
ClientAuthContext implementation invokes validateResponse of one or more encapsulated
ClientAuthModules. Modules verify or decrypt response as necessary.
- Invoke cleanSubject method (as necessary) to clean up any authentication state in Subject.
A ClientAuthContext instance may be used concurrently by multiple callers.
Implementations of this interface are responsible for constructing and
initializing the encapsulated modules. The initialization step includes passing
the relevant request and response MessagePolicy objects to the encapsulated modules.
The MessagePolicy objects are obtained by the ClientAuthConfig instance used to obtain
the ClientAuthContext object. See ClientAuthConfig.getAuthContext for more information.
Implementations of this interface are instantiated by their associated configuration
object such that they know which modules to invoke, in what order, and how results
returned by preceding modules are to influence subsequent module invocations.
Calls to the inherited methods of this interface delegate to the corresponding methods of the encapsulated
authentication modules.